Consider removal of interactivity for wmiactivity event #4
Description
See lines 920 to 967 in a similar a similar project of mine to fully automate each activity type. I'm jealous you were able to get things done with such concise code.
Also, for convenience, here is a sample sysmon configuration file that attempts to tighten sysmon logging to only events produced by sysmonsimulator.